Blackshades Malware Author Sentenced to 4 Years in New York Federal Prison

A Swedish man behind the wildly successful BlackShades Remote Access Tool (RAT) that infected over half a million computer systems around the world was sentenced to four years and nine months in a New York federal prison, the Department of Justice said Tuesday.

25-year-old Alex Yücel was the alleged owner and operator of the BlackShades RAT, a sophisticated piece of software that several thousand hackers all across the world purchased for roughly $40 to $50. The malware attracted hackers from all over the world, with thousands of happy customers spanning 100 countries.

BlackShades, the remote administration malware, which could be purchased for a measly $40, was designed to take over computers, capture keystrokes, steal usernames and passwords found on victims' machines, hijack FTP client credentials, spy through webcams, and record audio, among much more. The tool was built to give hackers complete access to the infected machine, allowing them to act as the system owner and complete tasks covertly.

Yücel, known under his online alias “marjinz,” was sentenced to four years and nine months in federal prison by U.S. District Judge Kevin Castel, after Yücel pleaded guilty in a New York federal courtroom back in February.

The Swedish man asked Castel for leniency during his sentencing, saying he regrets making the malware and marketing it as commercial software to hackers. “I deeply regret starting this whole project, which obviously went out of control,” Yücel said.

However, Castel ignored his plea, sentencing Yücel to 57 months behind bars along with a six-digit penalty of $200,000, saying “the message must go forth that this is a serious crime worthy of a serious punishment.”

Yücel has already served roughly 13 months in a New York prison after being arrested in Moldova in 2013, where he spent one month in prison before being extradited to the U.S.

Around mid-May of 2014, federal law enforcement launched a large-scale international raid in which roughly 100 BlackShades customers were arrested as part of an investigation. Authorities were able to arrest the hackers after federal agents seized the BlackShades servers, where they found thousands of valid customer accounts spanning 100 countries. From 2010 to 2013, the BlackShades RAT accumulated over 6,000 customers who generated over $350,000 in revenue.

Among those arrested was an Arizona resident believed to be the co-creator of BlackShades, Michael Hogue, who pleaded guilty and cooperated with authorities as part of a plea deal. Hogue currently awaits his sentencing, which is scheduled one month from today, July 24.

Federal agents seized 1,900 command-and-control (CnC) domains associated with the malware and arrested over 100 hackers who took part in illicit activities with the BlackShades malware.

BlackShades was originally developed by an IT surveillance company that advertised the tool as an easy way for parents to monitor their children’s computer activities or to spy on a cheating spouse. However, cybercriminals got their hands on the tool and began to commit illicit activities with it.

BlackShades’ claim to fame came from online hacking forums, more specifically Hackforums, an online hacking community that teaches users how to hack and has a marketplace where hackers are able to buy and sell their products. The tool allowed low-skilled or expert hackers to set up a sophisticated piece of malware capable of taking over millions of machines. The malware was designed to give full remote access to another user’s machine.

When the malware hit the Hackforums marketplace a few years ago, the forum went crazy for it. The RAT was a one-of-a-kind tool that allowed hackers to set up sophisticated malware capable of antivirus evasion for a mere $40. Shortly after it went to market, it was one of the most successful pieces of malware to hit public-facing hacking forums. However, after three years Yücel was arrested and later sentenced to a long-awaited four years in prison.